CLAIMS 

What is claimed is: 

1. A computer-implemented process for assessing the 
vulnerability of a workstation to a security compromise, comprising the steps: 

issuing a request for a scanner from a browser operating on the 
workstation to a network server via a computer network; 

transmitting the scanner from the network server to the 
workstation via the computer network, the scanner installable within the browser and 
operative to complete a vulnerability assessment of the workstation; and 

generating workstation credentials in response to the scanner 
conducting the vulnerability assessment of the workstation. 

2. The computer-implemented process of Claim 1 further 
comprising the step of presenting the workstation credentials to the user of the 
workstation. 

3. The computer-implemented process of Claim 1 further 
comprising the step of transmitting the workstation credentials to the network server 
via the computer network. 

4. The computer-implemented process of Claim 1 further 
comprising the step of completing a repair operation by the scanner to address a 
security vulnerability identified by the scanner in response to completing the 
vulnerability assessment of the workstation. 

5. The computer-implemented process of Claim 1 wherein the 
scanner comprises a plug-in control operable with the browser and a data file defining 
security vulnerabilities. 



6. The computer-implemented process of Claim 1, wherein the 
step of issuing a request for a scanner comprises the browser issuing a request for a 
Web page at the network server, the Web page hosting the scanner as a plug-in 
control available for installation with the browser. 

7. A computer-readable medium comprising the computer- 
implemented process of Claim 1 . 



8. A computer-implemented process for authenticating a 
workstation requesting a software service, comprising the steps: 

issuing a request for a scanner to a network server from a 
5 browser operating on the workstation; 

transmitting the scanner and a workstation policy from the 
network server to the workstation via the computer network, the scanner installable 
within the browser and operative to generate workstation credentials by completing a 
vulnerability assessment of the workstation; 
10 comparing the workstation credentials to the workstation policy 

on the workstation to determine whether the workstation should be granted access to 
the software service. 

5 9. The computer-implemented process of Claim 8, wherein the 

15 step of issuing a request for a scanner comprises the browser issuing a request for a 
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11. A computer-implemented process for authenticating a 
workstation requesting a network service from a network server via a computer 
network, comprising the steps: 

issuing a request for a scanner to the network server from a 
browser operating on the workstation; 

transmitting the scanner from the network server to the 
workstation via the computer network, the scanner installable within the browser and 
operative to generate workstation credentials by completing a vulnerability 
assessment of the workstation to identify security vulnerabilities that would 
compromise the secure operation of the workstation on the computer network; 

transmitting the workstation security credentials from the 
scanner to the network server via the computer network; and 

determining at the network server whether the workstation 
should be granted access to a network service of the network based on the workstation 
credentials. 

12. The computer- implemented process .recited by Claim 11 
wherein the network server comprises a CGI script and the step of determining 
whether the workstation should be granted access to the network service comprises 
the CGI script comparing the workstation credentials to a workstation security policy 
maintained at the network server to determine whether the workstation should be 
granted access to the network service; 

if the workstation credentials satisfy the workstation security 
policy, then authorizing access to the network service and directing the browser to the 
log-in page via the computer network, 

otherwise, denying access to the network service and delivering 
an access denied page to the workstation via the computer network. 

13. A computer-readable medium comprising the computer- 
implemented process of Claim 1 1 . 

14. The computer-implemented process of Claim 11, wherein the 
step of issuing a request for a scanner comprises the browser issuing a request for a 
Web page at the network server, the Web page hosting the scanner as a plug-in 
control available for installation with the browser. 



